Red Hat JBoss Operations Network (JON) prior to 2.4.2 does not properly enforce "modify resource" permissions for remote authenticated users when deleting a plug-in configuration update from the group connection properties history, which prevents such activities from being recorded in the audit trail.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat jboss operations network |
||
redhat jboss operations network 2.3.1 |
||
redhat jboss operations network 2.4 |
||
redhat jboss operations network 2.3 |
||
redhat jboss operations network 2.2 |
||
redhat jboss operations network 2.1.0 |
||
redhat jboss operations network 2.0.1 |
||
redhat jboss operations network 2.0.0 |
||
redhat jboss operations network 1.0.0 |